---
title: middleware
sidebarTitle: middleware
---

# `prefect.server.api.middleware`

## Classes

### `CsrfMiddleware` <sup><a href="https://github.com/PrefectHQ/prefect/blob/main/src/prefect/server/api/middleware.py#L15" target="_blank"><Icon icon="github" style="width: 14px; height: 14px;" /></a></sup>


Middleware for CSRF protection. This middleware will check for a CSRF token
in the headers of any POST, PUT, PATCH, or DELETE request. If the token is
not present or does not match the token stored in the database for the
client, the request will be rejected with a 403 status code.


**Methods:**

#### `dispatch` <sup><a href="https://github.com/PrefectHQ/prefect/blob/main/src/prefect/server/api/middleware.py#L23" target="_blank"><Icon icon="github" style="width: 14px; height: 14px;" /></a></sup>

```python
dispatch(self, request: Request, call_next: NextMiddlewareFunction) -> Response
```

Dispatch method for the middleware. This method will check for the
presence of a CSRF token in the headers of the request and compare it
to the token stored in the database for the client. If the token is not
present or does not match, the request will be rejected with a 403
status code.

